| AID | 13 |
|---|---|
| Domain | Application & Interface Security |
| CID | AIS-05 |
| Control | Application Security Testing |
| Control Specification | Implement a testing strategy, including criteria for acceptance of new information systems, upgrades and new versions, which provides application security assurance and maintains compliance while meeting organizational delivery goals. Automate when applicable and possible. |
| Control Type | Cloud & AI Related |
| AI CAIQ ID | AIS-05.1 |
| AI CAIQuestionnaire | Is a testing strategy implemented, including criteria for acceptance of new information systems, upgrades, and new versions, to provide application security assurance, maintain compliance, and meet organizational delivery goals? |
| NIST AI 600-1 Mapping | MEASURE 2.3<br /> MEASURE 2.5<br /> MEASURE 2.6 |
Reference: https://cloudsecurityalliance.org/artifacts/ai-controls-matrix